If this is your first visit, be sure to
check out the Forum Rules by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

Is using driftnet possible on wpa2?

Hello. I do not use backtrack for my operating system, but I thought this would be a good place to ask this question.

Right now I am trying to figure out a way to use driftnet in real time on my WPA2 protected network. I know I can use the air suite to capture the packets decrypt them and run them through tcpreplay, but this is not in real time.

Currently the only way I have to watch the packets in real time is with wireshark and use aireplay to deauth a client for the handshake packets so wireshark will decrypt the packets. Is there any methods to let driftnet use this data?

Or is there another program or set of programs I should be using to accomplish this? Or is it not possible at all with the currently available toolset.

Currently the only way I have to watch the packets in real time is with wireshark and use aireplay to deauth a client for the handshake packets so wireshark will decrypt the packets. Is there any methods to let driftnet use this data?

That reads like you're not doing it on your own network to me.

If you are on your own network: there is no reason for driftnet to operate any differently to if you are wired or not - you may need to route traffic through your device (or make it act as a WAP), but the basic principles are the same. Make sure you've actually connected to the network rather than just sitting there sniffing it.

It works just fine on my WPA2 network.

Still not underestimating the power...

There is no such thing as bad information - There is truth in the data, so you sift it all, even the crap stuff.

I don't quite understand how it doesn't sound like I am not on my own network, wireshark is not going to decrypt it without the phrase or key and it is also not going to decrypt them without the handshake packets.

Anyway after further reading I found that it is not possible with the current tool set, without actively trying to get the traffic. Maybe eventually airtun-ng will support WPA.